In Zero Trust, which pillar mandates that data must be classified, labeled, and encrypted?

Disable ads (and more) with a membership for a one time $4.99 payment

Study for the Microsoft SC-900 Exam. Master key concepts with targeted flashcards and multiple-choice questions, featuring hints and explanations. Get prepared and confident for success!

The principle of Zero Trust emphasizes the need for a strong focus on data security, which is encapsulated in the pillar that mandates data to be classified, labeled, and encrypted. This approach is vital as it ensures that sensitive information is adequately protected and handled according to its classification level.

By classifying data, organizations can determine what information is sensitive and what protection mechanisms need to be applied. Labeling data helps in identifying the sensitivity and the required controls on that data throughout its lifecycle. Encryption is a critical measure that protects data both at rest and in transit, making it unreadable to unauthorized users.

This pillar aligns with the overall Zero Trust model, which operates on the assumption that threats could be internal or external and that strict access controls are necessary regardless of the user's location. Consequently, managing data security effectively through classification, labeling, and encryption is fundamental to minimizing risks and safeguarding sensitive information in a Zero Trust architecture.